China denies cyber spy network charges

A network used to attack computers worldwide appears to be based in the country

China on Tuesday denied suggestions it could be involved in a cyberespionage ring that attacked computers worldwide from servers mostly based in the country.

GhostNet, a network that affected 1,295 computers in more than 100 countries through malware and social engineering, was described in a study last weekend by the SecDev Group's Information Warfare Monitor and the Munk Center for International Studies at the University of Toronto.

"Some people in foreign countries are keen to make up rumors about so-called Chinese Internet spies," foreign ministry spokesman Qin Gang said at a briefing Tuesday. "Their statements are entirely fabricated."

China opposes hacking and other attacks on computer networks, Qin said.

Attackers used GhostNet to steal documents from targets including international institutions and foreign ministries of other countries, according to the report. The attackers gained full access to affected computers, including control of attached microphones and Web cams that could have been used to monitor nearby activity.

The report drew attention to cybercrime in China at a time when observers say it is growing. GhostNet's highly targeted attacks against foreign government networks are unique, but its scale is tiny and its malware code outdated compared to other recent attacks, analysts say.

A simple online search can reveal the source code for GhostNet's unsophisticated malicious software, said Zhao Wei, CEO of Knownsec, a Beijing security firm. Much more advanced -- and more common in China -- are mass attacks with "zero days," or previously unknown software bugs, Zhao said.

Sophisticated attacks can hit millions of computers. Researchers at Zhao's firm found 4 million computers infected in a single day during one recent attack.

China had 298 million Internet users at the end of last year, the most in any country, according to the country's domain registry center.

Bank accounts and online game passwords are popular targets for attackers in China. Items like armor and weapons stolen from game accounts are often sold back to other players for real-world cash.

The attackers can make themselves hard to catch by stealing small amounts from many different people, Zhao said. An attacker might, for example, break into a huge number of bank accounts but steal just 10 yuan (US$1.47) from each, an amount victims are unlikely to report. That makes collecting evidence difficult for police, as does the need for cooperation across districts if the attacker and victims are in different places, Zhao said.

China passed its first regulations protecting the public from cyber data theft last month. The revisions to the country's criminal law ban digital theft of information from any computer, lowering the bar from old rules that banned intrusions into government-supported networks. The new law also prohibits designing programs to help attackers invade or gain control over other computers.

The law's protection from data theft extends to overseas computers like those attacked by GhostNet, said Pi Yong, a law professor at Wuhan University.

But implementing the law could be difficult even in purely domestic cases. Chinese courts in remote areas may be unsure how to handle electronic evidence, Pi said.

China also remains a convenient routing point for attackers from other countries, who can hide their location by using a Chinese IP (Internet Protocol) address.

Registering a Chinese domain is cheap and hassle-free, giving attackers an easy way to spread malware, said Konstantin Sapronov, head of the Kaspersky virus lab in China.

Blocked domains are easily replaced, he said.

"If it will be blocked, it doesn't matter. You can use another, and you can buy a lot of these," he said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cybercrimeespionage

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Owen Fletcher

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?